Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware
Security Affairs
JANUARY 31, 2024
Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, “Based on my observations, all the samples download a Sliver (Golang) backdoor, though from different URLs.”
Let's personalize your content